PNR - data protection

The European Parliament today voted to give its consent to a controversial draft EU-US passenger data (PNR) agreement. The positive vote on the EU-US PNR deal, which came in spite of the fact that fundamental concerns previously outlined by the EP and European courts have not been addressed, will mean US authorities will be able to continue to retain private information about EU airline passengers (1). The Greens voted to reject the deal and hit out at the outcome with Green home affairs spokesperson Jan Philipp Albrecht (Germany) stating:

"A majority of MEPs has today voted to reverse the European Parliament's long-standing role in defence of EU citizens' civil liberties and to endorse intrusive big brother style surveillance. Instead of rejecting this senseless and excessive collection and retention of private data, those MEPs who voted in favour of the deal have engaged in gross hypocrisy and sought to wash their hands of the PNR controversy. The core fundamental rights concerns, raised by the Parliament and courts across Europe, have not been redressed in the deal endorsed today.

"The terms of the agreement remain disproportionate, notably the lengthy retention periods for passenger data, the use of data for the profiling of individuals and the lack of legal redress. These concerns, which have been previously highlighted by the EP and confirmed by independent research and court rulings in EU member states, will now simply be brushed under the carpet.

"The European Commission wants to follow up the EU-US PNR deal with an EU passenger data retention system and a comprehensive and expensive system for the electronic monitoring of EU borders. There is no evidence that these far-reaching data retention measures do anything to achieve their stated aim of ensuring greater security. Instead, they compromise EU citizens' privacy and civil liberties. It is high time the supposed progressive political forces in the EP and the EU faced down this ever-creeping push for more pervasive surveillance."

(1) The new agreement on the transfer of EU air passengers' personal data to the US Department of Homeland Security (USDHS) will replace another deal applied provisionally since 2007. A similar agreement had been ruled incompatible with EU law by the European Court of Justice.

The deal sets the legal conditions for the transfer of this data and covers issues such as storage periods and the purpose of the data use (data can include sensitive information, for example regarding a religious meal choice or requests for assistance due to a medical condition). PNR data is stored in airlines' reservation and departure control databases and made available to the USDHS.

The new agreement maintains similar provisions on retention periods, data use and protection and redress as earlier agreement and, as such, fails to redress the concerns raised by the European Parliament and European and national courts.